VULHUB ™

Telekorn SignKorn Guestbook (SL)中存在多个PHP远程文件包含漏洞，在启用register_globals时，远程攻击者通过以下文件的dir_path参数中的URL执行任意PHP代码：(1) index.php, (2) includes/functions.gb.php, (3) includes/functions.admin.php, (4) includes/admin.inc.php, (5) help.php, (6) smile.php, (7) entry.php；(a) help/en和(b) help/de目录中的(8) adminhelp0.php, (9) adminhelp1.php, (10) adminhelp2.php和(11) adminhelp3.php；以及(c) admin目录中的(12) preview.php, (13) log.php, (14) index.php, (15) config.php和(16) admin.php。

Telekorn SignKorn Guestbook (SL)中存在多个PHP远程文件包含漏洞，在启用register_globals时，远程攻击者通过以下文件的dir_path参数中的URL执行任意PHP代码：(1) index.php, (2) includes/functions.gb.php, (3) includes/functions.admin.php, (4) includes/admin.inc.php, (5) help.php, (6) smile.php, (7) entry.php；(a) help/en和(b) help/de目录中的(8) adminhelp0.php, (9) adminhelp1.php, (10) adminhelp2.php和(11) adminhelp3.php；以及(c) admin目录中的(12) preview.php, (13) log.php, (14) index.php, (15) config.php和(16) admin.php。